Sending Windows credentials with WCF service call

1
votes

I am calling WCF service from my ASP.NET application (.Net 4.5 and IIS 7). The web application is configured to use Windows authentication.

<authentication mode="Windows" />

I am trying to send Windows user credentials as identity principle to my service. At my service end, I am going to do some additional authorisation logic manually. However I am not getting the WindowsPrinciple at service end. Instead I always get GenericPrinciple type and hence the principle name is coming blank. I am very new to WCF configurations. What exactly I am missing here?

Both the web application and WCF are currently hosted in IIS 7 on the same machine.

Here is the web.config setting at client side.

<system.serviceModel>
<bindings>
  <basicHttpBinding>
    <binding name="BasicHttpBidning_IService" maxReceivedMessageSize="2147483647">
    </binding>
  </basicHttpBinding>

<client>
  <endpoint address="http://localhost/MyWebServiceApp/API/MyAPIService.svc"
      binding="basicHttpBinding" bindingConfiguration="BasicHttpBidning_IService"
      contract="Application.API.IService"
      name="BasicHttpBidning_IService" >
  </endpoint>
</client>
</system.serviceModel>

Service side:

<service name="MyAPIService" behaviorConfiguration="PublicServiceTypeBehaviors">
    <endpoint address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpBidning_IPublicService" contract="Application.API.IService" name="BasicHttpBidning_IService" />
    <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>

<system.serviceModel>
<client />
<serviceHostingEnvironment multipleSiteBindingsEnabled="false" minFreeMemoryPercentageToActivateService="1" />
<bindings>
  <basicHttpBinding>
    <binding name="BasicHttpBidning_IPublicService" maxReceivedMessageSize="2147483647" />
    </basicHttpBinding>
</bindings>
<behaviors>
  <endpointBehaviors>
    <behavior name="WebHttpBidning_IPublicService">
      <webHttp/>
    </behavior>
  </endpointBehaviors>  
  <serviceBehaviors>
    <behavior name="PublicServiceTypeBehaviors">
      <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
      <serviceDebug includeExceptionDetailInFaults="true" />
    </behavior>
    <behavior>
      <serviceMetadata httpGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="false" />
    </behavior>
</system.serviceModel>
1
asp.net.netwcfwindows-authentication
Windows credentials are for Windows machines in the same LAN, and other Windows machines outside the LAN have know such knowledge. Is there any reason why you must use Windows credential.ZZZ
Because the website will be used in intranet. And each user will have access to only certain WCF methods depending on its role.Anil Soman

1 Answers

0
votes

You have defined ServiceBehavior called "PublicServiceTypeBehaviors", now you just need to make the behavior include some built-in authentication and authorization features of WCF.

WindowsAuthentication is what you need under ServiceCrendentials.

For authorization if you need, you may add ServiceAuthorization and related role provider.